Create gcp-csm-observability

Author: ejona86

gcp-csm-observability/build.gradle

@@ -0,0 +1,31 @@
+plugins {
+    id "java-library"
+
+    id "ru.vyarus.animalsniffer"
+}
+
+description = "gRPC: GCP CSM Observability"
+
+tasks.named("jar").configure {
+    manifest {
+        attributes('Automatic-Module-Name': 'io.grpc.gcp.csm.observability')
+    }
+}
+
+dependencies {
+    implementation project(':grpc-api'),
+            project(':grpc-core'),
+            project(':grpc-opentelemetry'),
+            project(':grpc-protobuf'),
+            project(':grpc-xds'),
+            libraries.guava.jre, // jre version pulled in via xds
+            libraries.protobuf.java,
+            libraries.opentelemetry.gcp.resources,
+            libraries.opentelemetry.sdk.extension.autoconfigure // opentelemetry.gcp.resources uses compileOnly for this dep
+    testImplementation project(":grpc-testing"),
+            project(":grpc-inprocess"),
+            libraries.opentelemetry.sdk.testing,
+            libraries.assertj.core // opentelemetry.sdk.testing uses compileOnly for this dep
+
+    signature libraries.signature.java
+}

gcp-csm-observability/src/main/java/io/grpc/gcp/csm/observability/CsmObservability.java

@@ -0,0 +1,160 @@
+/*
+ * Copyright 2024 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.gcp.csm.observability;
+
+import com.google.common.annotations.VisibleForTesting;
+import io.grpc.ExperimentalApi;
+import io.grpc.InternalConfigurator;
+import io.grpc.InternalConfiguratorRegistry;
+import io.grpc.ManagedChannelBuilder;
+import io.grpc.ServerBuilder;
+import io.grpc.opentelemetry.GrpcOpenTelemetry;
+import io.grpc.opentelemetry.InternalGrpcOpenTelemetry;
+import io.opentelemetry.api.OpenTelemetry;
+import java.io.Closeable;
+import java.util.Collection;
+import java.util.Collections;
+
+/**
+ * The entrypoint for GCP's CSM OpenTelemetry metrics functionality in gRPC.
+ *
+ * <p>CsmObservability uses {@link io.opentelemetry.api.OpenTelemetry} APIs for instrumentation.
+ * When no SDK is explicitly added no telemetry data will be collected. See
+ * {@code io.opentelemetry.sdk.OpenTelemetrySdk} for information on how to construct the SDK.
+ */
+@ExperimentalApi("TODO")
+public final class CsmObservability implements Closeable {
+  private final GrpcOpenTelemetry delegate;
+  private final MetadataExchanger exchanger;
+
+  public static Builder newBuilder() {
+    return new Builder();
+  }
+
+  private CsmObservability(Builder builder) {
+    this.delegate = builder.delegate.build();
+    this.exchanger = builder.exchanger;
+  }
+
+  /**
+   * Registers CsmObservability globally, applying its configuration to all subsequently created
+   * gRPC channels and servers.
+   *
+   * <p>Note: Only one of CsmObservability and GrpcOpenTelemetry instance can be registered
+   * globally. Any subsequent call to {@code registerGlobal()} will throw an {@code
+   * IllegalStateException}.
+   */
+  public void registerGlobal() {
+    InternalConfiguratorRegistry.setConfigurators(Collections.singletonList(
+        new InternalConfigurator() {
+          @Override
+          public void configureChannelBuilder(ManagedChannelBuilder<?> channelBuilder) {
+            CsmObservability.this.configureChannelBuilder(channelBuilder);
+          }
+
+          @Override
+          public void configureServerBuilder(ServerBuilder<?> serverBuilder) {
+            CsmObservability.this.configureServerBuilder(serverBuilder);
+          }
+        }));
+  }
+
+  @VisibleForTesting
+  void configureChannelBuilder(ManagedChannelBuilder<?> builder) {
+    delegate.configureChannelBuilder(builder);
+  }
+
+  @VisibleForTesting
+  void configureServerBuilder(ServerBuilder<?> serverBuilder) {
+    delegate.configureServerBuilder(serverBuilder);
+    exchanger.configureServerBuilder(serverBuilder);
+  }
+
+  @Override
+  public void close() {}
+
+  /**
+   * Builder for configuring {@link CsmObservability}.
+   */
+  @ExperimentalApi("TODO")
+  public static final class Builder {
+    private final GrpcOpenTelemetry.Builder delegate = GrpcOpenTelemetry.newBuilder();
+    private final MetadataExchanger exchanger;
+
+    private Builder() {
+      this(new MetadataExchanger());
+    }
+
+    @VisibleForTesting
+    Builder(MetadataExchanger exchanger) {
+      this.exchanger = exchanger;
+      InternalGrpcOpenTelemetry.builderPlugin(delegate, exchanger);
+    }
+
+    /**
+     * Sets the {@link io.opentelemetry.api.OpenTelemetry} entrypoint to use. This can be used to
+     * configure OpenTelemetry by returning the instance created by a
+     * {@code io.opentelemetry.sdk.OpenTelemetrySdkBuilder}.
+     */
+    public Builder sdk(OpenTelemetry sdk) {
+      delegate.sdk(sdk);
+      return this;
+    }
+
+    /**
+     * Adds optionalLabelKey to all the metrics that can provide value for the
+     * optionalLabelKey.
+     */
+    public Builder addOptionalLabel(String optionalLabelKey) {
+      delegate.addOptionalLabel(optionalLabelKey);
+      return this;
+    }
+
+    /**
+     * Enables the specified metrics for collection and export. By default, only a subset of
+     * metrics are enabled.
+     */
+    public Builder enableMetrics(Collection<String> enableMetrics) {
+      delegate.enableMetrics(enableMetrics);
+      return this;
+    }
+
+    /**
+     * Disables the specified metrics from being collected and exported.
+     */
+    public Builder disableMetrics(Collection<String> disableMetrics) {
+      delegate.disableMetrics(disableMetrics);
+      return this;
+    }
+
+    /**
+     * Disable all metrics. If set to true all metrics must be explicitly enabled.
+     */
+    public Builder disableAllMetrics() {
+      delegate.disableAllMetrics();
+      return this;
+    }
+
+    /**
+     * Returns a new {@link CsmObservability} built with the configuration of this {@link
+     * Builder}.
+     */
+    public CsmObservability build() {
+      return new CsmObservability(this);
+    }
+  }
+}

gcp-csm-observability/src/main/java/io/grpc/gcp/csm/observability/MetadataExchanger.java

@@ -0,0 +1,364 @@
+/*
+ * Copyright 2024 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.gcp.csm.observability;
+
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.base.Preconditions;
+import com.google.common.io.BaseEncoding;
+import com.google.protobuf.Struct;
+import com.google.protobuf.Value;
+import io.grpc.CallOptions;
+import io.grpc.ForwardingServerCall.SimpleForwardingServerCall;
+import io.grpc.Metadata;
+import io.grpc.ServerBuilder;
+import io.grpc.ServerCall;
+import io.grpc.ServerCallHandler;
+import io.grpc.ServerInterceptor;
+import io.grpc.Status;
+import io.grpc.internal.JsonParser;
+import io.grpc.internal.JsonUtil;
+import io.grpc.opentelemetry.InternalOpenTelemetryPlugin;
+import io.grpc.protobuf.ProtoUtils;
+import io.grpc.xds.ClusterImplLoadBalancerProvider;
+import io.grpc.xds.InternalGrpcBootstrapperImpl;
+import io.opentelemetry.api.common.AttributeKey;
+import io.opentelemetry.api.common.Attributes;
+import io.opentelemetry.api.common.AttributesBuilder;
+import io.opentelemetry.contrib.gcp.resource.GCPResourceProvider;
+import java.net.URI;
+import java.util.Map;
+import java.util.function.Consumer;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+/**
+ * OpenTelemetryPlugin implementing metadata-based workload property exchange for both client and
+ * server. Is responsible for determining the metadata, communicating the metadata, and adding local
+ * and remote details to metrics.
+ */
+final class MetadataExchanger implements InternalOpenTelemetryPlugin {
+  private static final Logger logger = Logger.getLogger(MetadataExchanger.class.getName());
+
+  private static final AttributeKey<String> CLOUD_PLATFORM =
+      AttributeKey.stringKey("cloud.platform");
+  private static final AttributeKey<String> K8S_NAMESPACE_NAME =
+      AttributeKey.stringKey("k8s.namespace.name");
+  private static final AttributeKey<String> K8S_CLUSTER_NAME =
+      AttributeKey.stringKey("k8s.cluster.name");
+  private static final AttributeKey<String> CLOUD_AVAILABILITY_ZONE =
+      AttributeKey.stringKey("cloud.availability_zone");
+  private static final AttributeKey<String> CLOUD_REGION =
+      AttributeKey.stringKey("cloud.region");
+  private static final AttributeKey<String> CLOUD_ACCOUNT_ID =
+      AttributeKey.stringKey("cloud.account.id");
+
+  private static final Metadata.Key<String> SEND_KEY =
+      Metadata.Key.of("x-envoy-peer-metadata", Metadata.ASCII_STRING_MARSHALLER);
+  private static final Metadata.Key<Struct> RECV_KEY =
+      Metadata.Key.of("x-envoy-peer-metadata", new BinaryToAsciiMarshaller<>(
+          ProtoUtils.metadataMarshaller(Struct.getDefaultInstance())));
+
+  private static final String EXCHANGE_TYPE = "type";
+  private static final String EXCHANGE_CANONICAL_SERVICE = "canonical_service";
+  private static final String EXCHANGE_PROJECT_ID = "project_id";
+  private static final String EXCHANGE_LOCATION = "location";
+  private static final String EXCHANGE_CLUSTER_NAME = "cluster_name";
+  private static final String EXCHANGE_NAMESPACE_NAME = "namespace_name";
+  private static final String EXCHANGE_WORKLOAD_NAME = "workload_name";
+  private static final String TYPE_GKE = "gcp_kubernetes_engine";
+  private static final String TYPE_GCE = "gcp_compute_engine";
+
+  private final String localMetadata;
+  private final Attributes localAttributes;
+
+  public MetadataExchanger() {
+    this(
+        new GCPResourceProvider().getAttributes(),
+        System::getenv,
+        InternalGrpcBootstrapperImpl::getJsonContent);
+  }
+
+  MetadataExchanger(Attributes platformAttributes, Lookup env, Supplier<String> xdsBootstrap) {
+    String type = platformAttributes.get(CLOUD_PLATFORM);
+    String canonicalService = env.get("CSM_CANONICAL_SERVICE_NAME");
+    Struct.Builder struct = Struct.newBuilder();
+    put(struct, EXCHANGE_TYPE, type);
+    put(struct, EXCHANGE_CANONICAL_SERVICE, canonicalService);
+    if (TYPE_GKE.equals(type)) {
+      String location = platformAttributes.get(CLOUD_AVAILABILITY_ZONE);
+      if (location == null) {
+        location = platformAttributes.get(CLOUD_REGION);
+      }
+      put(struct, EXCHANGE_WORKLOAD_NAME,  env.get("CSM_WORKLOAD_NAME"));
+      put(struct, EXCHANGE_NAMESPACE_NAME, platformAttributes.get(K8S_NAMESPACE_NAME));
+      put(struct, EXCHANGE_CLUSTER_NAME,   platformAttributes.get(K8S_CLUSTER_NAME));
+      put(struct, EXCHANGE_LOCATION,       location);
+      put(struct, EXCHANGE_PROJECT_ID,     platformAttributes.get(CLOUD_ACCOUNT_ID));
+    } else if (TYPE_GCE.equals(type)) {
+      String location = platformAttributes.get(CLOUD_AVAILABILITY_ZONE);
+      if (location == null) {
+        location = platformAttributes.get(CLOUD_REGION);
+      }
+      put(struct, EXCHANGE_WORKLOAD_NAME, env.get("CSM_WORKLOAD_NAME"));
+      put(struct, EXCHANGE_LOCATION,      location);
+      put(struct, EXCHANGE_PROJECT_ID,    platformAttributes.get(CLOUD_ACCOUNT_ID));
+    }
+    localMetadata = BaseEncoding.base64().encode(struct.build().toByteArray());
+
+    localAttributes = Attributes.builder()
+        .put("csm.mesh_id", nullIsUnknown(getMeshId(xdsBootstrap)))
+        .put("csm.workload_canonical_service", nullIsUnknown(canonicalService))
+        .build();
+  }
+
+  private static String nullIsUnknown(String value) {
+    return value == null ? "unknown" : value;
+  }
+
+  private static void put(Struct.Builder struct, String key, String value) {
+    value = nullIsUnknown(value);
+    struct.putFields(key, Value.newBuilder().setStringValue(value).build());
+  }
+
+  private static void put(AttributesBuilder attributes, String key, Value value) {
+    attributes.put(key, nullIsUnknown(fromValue(value)));
+  }
+
+  private static String fromValue(Value value) {
+    if (value == null) {
+      return null;
+    }
+    if (value.getKindCase() != Value.KindCase.STRING_VALUE) {
+      return null;
+    }
+    return value.getStringValue();
+  }
+
+  @VisibleForTesting
+  static String getMeshId(Supplier<String> xdsBootstrap) {
+    try {
+      @SuppressWarnings("unchecked")
+      Map<String, ?> rawBootstrap = (Map<String, ?>) JsonParser.parse(xdsBootstrap.get());
+      Map<String, ?> node = JsonUtil.getObject(rawBootstrap, "node");
+      String id = JsonUtil.getString(node, "id");
+      Preconditions.checkNotNull(id, "id");
+      String[] parts = id.split("/", 6);
+      if (!(parts.length == 6
+          && parts[0].equals("projects")
+          && parts[2].equals("networks")
+          && parts[3].startsWith("mesh:")
+          && parts[4].equals("nodes"))) {
+        throw new Exception("node id didn't match mesh format: " + id);
+      }
+      return parts[3].substring("mesh:".length());
+    } catch (Exception e) {
+      logger.log(Level.INFO, "Failed to determine mesh ID for CSM", e);
+      return null;
+    }
+  }
+
+  private void addLabels(AttributesBuilder to, Struct struct) {
+    to.putAll(localAttributes);
+    Map<String, Value> remote = struct.getFieldsMap();
+    Value typeValue = remote.get(EXCHANGE_TYPE);
+    String type = fromValue(typeValue);
+    put(to, "csm.remote_workload_type", typeValue);
+    put(to, "csm.remote_workload_canonical_service", remote.get(EXCHANGE_CANONICAL_SERVICE));
+    if (TYPE_GKE.equals(type)) {
+      put(to, "csm.remote_workload_project_id",     remote.get(EXCHANGE_PROJECT_ID));
+      put(to, "csm.remote_workload_location",       remote.get(EXCHANGE_LOCATION));
+      put(to, "csm.remote_workload_cluster_name",   remote.get(EXCHANGE_CLUSTER_NAME));
+      put(to, "csm.remote_workload_namespace_name", remote.get(EXCHANGE_NAMESPACE_NAME));
+      put(to, "csm.remote_workload_name",           remote.get(EXCHANGE_WORKLOAD_NAME));
+    } else if (TYPE_GCE.equals(type)) {
+      put(to, "csm.remote_workload_project_id",     remote.get(EXCHANGE_PROJECT_ID));
+      put(to, "csm.remote_workload_location",       remote.get(EXCHANGE_LOCATION));
+      put(to, "csm.remote_workload_name",           remote.get(EXCHANGE_WORKLOAD_NAME));
+    }
+  }
+
+  @Override
+  public boolean enablePluginForChannel(String target) {
+    URI uri;
+    try {
+      uri = new URI(target);
+    } catch (Exception ex) {
+      return false;
+    }
+    String authority = uri.getAuthority();
+    return "xds".equals(uri.getScheme())
+        && (authority == null || "traffic-director-global.xds.googleapis.com".equals(authority));
+  }
+
+  @Override
+  public ClientCallPlugin newClientCallPlugin() {
+    return new ClientCallState();
+  }
+
+  public void configureServerBuilder(ServerBuilder<?> serverBuilder) {
+    serverBuilder.intercept(new ServerCallInterceptor());
+  }
+
+  @Override
+  public ServerStreamPlugin newServerStreamPlugin(Metadata inboundMetadata) {
+    return new ServerStreamState(inboundMetadata.get(RECV_KEY));
+  }
+
+  final class ClientCallState implements ClientCallPlugin {
+    private volatile Value serviceName;
+    private volatile Value serviceNamespace;
+
+    @Override
+    public ClientStreamPlugin newClientStreamPlugin() {
+      return new ClientStreamState();
+    }
+
+    @Override
+    public CallOptions filterCallOptions(CallOptions options) {
+      Consumer<Map<String, Struct>> existingConsumer =
+          options.getOption(ClusterImplLoadBalancerProvider.FILTER_METADATA_CONSUMER);
+      return options.withOption(
+          ClusterImplLoadBalancerProvider.FILTER_METADATA_CONSUMER,
+          (Map<String, Struct> clusterMetadata) -> {
+            metadataConsumer(clusterMetadata);
+            existingConsumer.accept(clusterMetadata);
+          });
+    }
+
+    private void metadataConsumer(Map<String, Struct> clusterMetadata) {
+      Struct struct = clusterMetadata.get("com.google.csm.telemetry_labels");
+      if (struct == null) {
+        struct = Struct.getDefaultInstance();
+      }
+      serviceName = struct.getFieldsMap().get("service_name");
+      serviceNamespace = struct.getFieldsMap().get("service_namespace");
+    }
+
+    @Override
+    public void addMetadata(Metadata toMetadata) {
+      toMetadata.put(SEND_KEY, localMetadata);
+    }
+
+    class ClientStreamState implements ClientStreamPlugin {
+      private Struct receivedExchange;
+
+      @Override
+      public void inboundHeaders(Metadata headers) {
+        setExchange(headers);
+      }
+
+      @Override
+      public void inboundTrailers(Metadata trailers) {
+        if (receivedExchange != null) {
+          return; // Received headers
+        }
+        setExchange(trailers);
+      }
+
+      private void setExchange(Metadata metadata) {
+        Struct received = metadata.get(RECV_KEY);
+        if (received == null) {
+          receivedExchange = Struct.getDefaultInstance();
+        } else {
+          receivedExchange = received;
+        }
+      }
+
+      @Override
+      public void addLabels(AttributesBuilder to) {
+        put(to, "csm.service_name",      serviceName);
+        put(to, "csm.service_namespace", serviceNamespace);
+        Struct exchange = receivedExchange;
+        if (exchange == null) {
+          exchange = Struct.getDefaultInstance();
+        }
+        MetadataExchanger.this.addLabels(to, exchange);
+      }
+    }
+  }
+
+  final class ServerCallInterceptor implements ServerInterceptor {
+    @Override
+    public <ReqT, RespT> ServerCall.Listener<ReqT> interceptCall(
+        ServerCall<ReqT, RespT> call, Metadata headers, ServerCallHandler<ReqT, RespT> next) {
+      if (!headers.containsKey(RECV_KEY)) {
+        return next.startCall(call, headers);
+      } else {
+        return next.startCall(new SimpleForwardingServerCall<ReqT, RespT>(call) {
+          private boolean headersSent;
+
+          @Override
+          public void sendHeaders(Metadata headers) {
+            headersSent = true;
+            headers.put(SEND_KEY, localMetadata);
+            super.sendHeaders(headers);
+          }
+
+          @Override
+          public void close(Status status, Metadata trailers) {
+            if (!headersSent) {
+              trailers.put(SEND_KEY, localMetadata);
+            }
+            super.close(status, trailers);
+          }
+        }, headers);
+      }
+    }
+  }
+
+  final class ServerStreamState implements ServerStreamPlugin {
+    private final Struct receivedExchange;
+
+    ServerStreamState(Struct exchange) {
+      if (exchange == null) {
+        exchange = Struct.getDefaultInstance();
+      }
+      receivedExchange = exchange;
+    }
+
+    @Override
+    public void addLabels(AttributesBuilder to) {
+      MetadataExchanger.this.addLabels(to, receivedExchange);
+    }
+  }
+
+  interface Lookup {
+    String get(String name);
+  }
+
+  interface Supplier<T> {
+    T get() throws Exception;
+  }
+
+  static final class BinaryToAsciiMarshaller<T> implements Metadata.AsciiMarshaller<T> {
+    private final Metadata.BinaryMarshaller<T> delegate;
+
+    public BinaryToAsciiMarshaller(Metadata.BinaryMarshaller<T> delegate) {
+      this.delegate = Preconditions.checkNotNull(delegate, "delegate");
+    }
+
+    @Override
+    public T parseAsciiString(String serialized) {
+      return delegate.parseBytes(BaseEncoding.base64().decode(serialized));
+    }
+
+    @Override
+    public String toAsciiString(T value) {
+      return BaseEncoding.base64().encode(delegate.toBytes(value));
+    }
+  }
+}

gcp-csm-observability/src/test/java/io/grpc/gcp/csm/observability/CsmObservabilityTest.java

@@ -0,0 +1,201 @@
+/*
+ * Copyright 2024 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.gcp.csm.observability;
+
+import static com.google.common.truth.Truth.assertThat;
+import static io.opentelemetry.api.common.AttributeKey.stringKey;
+
+import com.google.common.collect.ImmutableMap;
+import com.google.common.io.BaseEncoding;
+import com.google.protobuf.Struct;
+import com.google.protobuf.Value;
+import io.grpc.Metadata;
+import io.opentelemetry.api.common.Attributes;
+import io.opentelemetry.api.common.AttributesBuilder;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.JUnit4;
+
+/** Tests for {@link MetadataExchanger}. */
+@RunWith(JUnit4.class)
+public final class MetadataExchangerTest {
+  @Test
+  public void getMeshId_findsMeshId() {
+    assertThat(MetadataExchanger.getMeshId(() ->
+        "{\"node\":{\"id\":\"projects/12/networks/mesh:mine/nodes/uu-id\"}}"))
+        .isEqualTo("mine");
+    assertThat(MetadataExchanger.getMeshId(() ->
+          "{\"node\":{\"id\":\"projects/1234567890/networks/mesh:mine/nodes/uu-id\", "
+          + "\"unknown\": \"\"}, \"unknown\": \"\"}"))
+        .isEqualTo("mine");
+  }
+
+  @Test
+  public void getMeshId_returnsNullOnBadMeshId() {
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "[\"node\"]"))
+        .isNull();
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "{\"node\":[\"id\"]}}"))
+        .isNull();
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "{\"node\":{\"id\":[\"projects/12/networks/mesh:mine/nodes/uu-id\"]}}"))
+        .isNull();
+
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "{\"NODE\":{\"id\":\"projects/12/networks/mesh:mine/nodes/uu-id\"}}"))
+        .isNull();
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "{\"node\":{\"ID\":\"projects/12/networks/mesh:mine/nodes/uu-id\"}}"))
+        .isNull();
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "{\"node\":{\"id\":\"projects/12/networks/mesh:mine\"}}"))
+        .isNull();
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "{\"node\":{\"id\":\"PROJECTS/12/networks/mesh:mine/nodes/uu-id\"}}"))
+        .isNull();
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "{\"node\":{\"id\":\"projects/12/NETWORKS/mesh:mine/nodes/uu-id\"}}"))
+        .isNull();
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "{\"node\":{\"id\":\"projects/12/networks/MESH:mine/nodes/uu-id\"}}"))
+        .isNull();
+    assertThat(MetadataExchanger.getMeshId(
+            () -> "{\"node\":{\"id\":\"projects/12/networks/mesh:mine/NODES/uu-id\"}}"))
+        .isNull();
+  }
+
+  @Test
+  public void enablePluginForChannel_matches() {
+    MetadataExchanger exchanger =
+        new MetadataExchanger(Attributes.builder().build(), (name) -> null, () -> "");
+    assertThat(exchanger.enablePluginForChannel("xds:///testing")).isTrue();
+    assertThat(exchanger.enablePluginForChannel("xds:/testing")).isTrue();
+    assertThat(exchanger.enablePluginForChannel(
+        "xds://traffic-director-global.xds.googleapis.com/testing:123")).isTrue();
+  }
+
+  @Test
+  public void enablePluginForChannel_doesNotMatch() {
+    MetadataExchanger exchanger =
+        new MetadataExchanger(Attributes.builder().build(), (name) -> null, () -> "");
+    assertThat(exchanger.enablePluginForChannel("dns:///localhost")).isFalse();
+    assertThat(exchanger.enablePluginForChannel("xds:///[]")).isFalse();
+    assertThat(exchanger.enablePluginForChannel("xds://my-xds-server/testing")).isFalse();
+  }
+
+  @Test
+  public void addLabels_receivedWrongType() {
+    MetadataExchanger exchanger =
+        new MetadataExchanger(Attributes.builder().build(), (name) -> null, () -> "");
+    Metadata metadata = new Metadata();
+    metadata.put(Metadata.Key.of("x-envoy-peer-metadata", Metadata.ASCII_STRING_MARSHALLER),
+        BaseEncoding.base64().encode(Struct.newBuilder()
+          .putFields("type", Value.newBuilder().setNumberValue(1).build())
+          .build()
+          .toByteArray()));
+    AttributesBuilder builder = Attributes.builder();
+    exchanger.newServerStreamPlugin(metadata).addLabels(builder);
+
+    assertThat(builder.build()).isEqualTo(Attributes.builder()
+        .put(stringKey("csm.mesh_id"), "unknown")
+        .put(stringKey("csm.workload_canonical_service"), "unknown")
+        .put(stringKey("csm.remote_workload_type"), "unknown")
+        .put(stringKey("csm.remote_workload_canonical_service"), "unknown")
+        .build());
+  }
+
+  @Test
+  public void addLabelsFromExchange_unknownGcpType() {
+    MetadataExchanger exchanger =
+        new MetadataExchanger(Attributes.builder().build(), (name) -> null, () -> "");
+    Metadata metadata = new Metadata();
+    metadata.put(Metadata.Key.of("x-envoy-peer-metadata", Metadata.ASCII_STRING_MARSHALLER),
+        BaseEncoding.base64().encode(Struct.newBuilder()
+          .putFields("type", Value.newBuilder().setStringValue("gcp_surprise").build())
+          .putFields("canonical_service", Value.newBuilder().setStringValue("myservice1").build())
+          .build()
+          .toByteArray()));
+    AttributesBuilder builder = Attributes.builder();
+    exchanger.newServerStreamPlugin(metadata).addLabels(builder);
+
+    assertThat(builder.build()).isEqualTo(Attributes.builder()
+        .put(stringKey("csm.mesh_id"), "unknown")
+        .put(stringKey("csm.workload_canonical_service"), "unknown")
+        .put(stringKey("csm.remote_workload_type"), "gcp_surprise")
+        .put(stringKey("csm.remote_workload_canonical_service"), "myservice1")
+        .build());
+  }
+
+  @Test
+  public void addMetadata_k8s() throws Exception {
+    MetadataExchanger exchanger = new MetadataExchanger(
+        Attributes.builder()
+            .put(stringKey("cloud.platform"), "gcp_kubernetes_engine")
+            .put(stringKey("k8s.namespace.name"), "mynamespace1")
+            .put(stringKey("k8s.cluster.name"), "mycluster1")
+            .put(stringKey("cloud.availability_zone"), "myzone1")
+            .put(stringKey("cloud.account.id"), "0001")
+            .build(),
+        ImmutableMap.of(
+            "CSM_CANONICAL_SERVICE_NAME", "myservice1",
+            "CSM_WORKLOAD_NAME", "myworkload1")::get,
+        () -> "");
+    Metadata metadata = new Metadata();
+    exchanger.newClientCallPlugin().addMetadata(metadata);
+
+    Struct peer = Struct.parseFrom(BaseEncoding.base64().decode(metadata.get(
+        Metadata.Key.of("x-envoy-peer-metadata", Metadata.ASCII_STRING_MARSHALLER))));
+    assertThat(peer).isEqualTo(
+        Struct.newBuilder()
+          .putFields("type", Value.newBuilder().setStringValue("gcp_kubernetes_engine").build())
+          .putFields("canonical_service", Value.newBuilder().setStringValue("myservice1").build())
+          .putFields("workload_name", Value.newBuilder().setStringValue("myworkload1").build())
+          .putFields("namespace_name", Value.newBuilder().setStringValue("mynamespace1").build())
+          .putFields("cluster_name", Value.newBuilder().setStringValue("mycluster1").build())
+          .putFields("location", Value.newBuilder().setStringValue("myzone1").build())
+          .putFields("project_id", Value.newBuilder().setStringValue("0001").build())
+          .build());
+  }
+
+  @Test
+  public void addMetadata_gce() throws Exception {
+    MetadataExchanger exchanger = new MetadataExchanger(
+        Attributes.builder()
+            .put(stringKey("cloud.platform"), "gcp_compute_engine")
+            .put(stringKey("cloud.availability_zone"), "myzone1")
+            .put(stringKey("cloud.account.id"), "0001")
+            .build(),
+        ImmutableMap.of(
+            "CSM_CANONICAL_SERVICE_NAME", "myservice1",
+            "CSM_WORKLOAD_NAME", "myworkload1")::get,
+        () -> "");
+    Metadata metadata = new Metadata();
+    exchanger.newClientCallPlugin().addMetadata(metadata);
+
+    Struct peer = Struct.parseFrom(BaseEncoding.base64().decode(metadata.get(
+        Metadata.Key.of("x-envoy-peer-metadata", Metadata.ASCII_STRING_MARSHALLER))));
+    assertThat(peer).isEqualTo(
+        Struct.newBuilder()
+          .putFields("type", Value.newBuilder().setStringValue("gcp_compute_engine").build())
+          .putFields("canonical_service", Value.newBuilder().setStringValue("myservice1").build())
+          .putFields("workload_name", Value.newBuilder().setStringValue("myworkload1").build())
+          .putFields("location", Value.newBuilder().setStringValue("myzone1").build())
+          .putFields("project_id", Value.newBuilder().setStringValue("0001").build())
+          .build());
+  }
+}

gcp-csm-observability/src/test/java/io/grpc/gcp/csm/observability/MetadataExchangerTest.java

@@ -77,6 +77,8 @@ opencensus-exporter-trace-stackdriver = { module = "io.opencensus:opencensus-exp
 opencensus-impl = { module = "io.opencensus:opencensus-impl", version.ref = "opencensus" }
 opencensus-proto = "io.opencensus:opencensus-proto:0.2.0"
 opentelemetry-api = "io.opentelemetry:opentelemetry-api:1.36.0"
+opentelemetry-gcp-resources = "io.opentelemetry.contrib:opentelemetry-gcp-resources:1.34.0-alpha"
+opentelemetry-sdk-extension-autoconfigure = "io.opentelemetry:opentelemetry-sdk-extension-autoconfigure:1.36.0"
 opentelemetry-sdk-testing = "io.opentelemetry:opentelemetry-sdk-testing:1.36.0"
 perfmark-api = "io.perfmark:perfmark-api:0.26.0"
 protobuf-java = { module = "com.google.protobuf:protobuf-java", version.ref = "protobuf" }

gradle/libs.versions.toml

@@ -68,6 +68,7 @@ include ":grpc-xds"
 include ":grpc-bom"
 include ":grpc-rls"
 include ":grpc-authz"
+include ":grpc-gcp-csm-observability"
 include ":grpc-gcp-observability"
 include ":grpc-gcp-observability:interop"
 include ":grpc-istio-interop-testing"
@@ -102,6 +103,7 @@ project(':grpc-xds').projectDir = "$rootDir/xds" as File
 project(':grpc-bom').projectDir = "$rootDir/bom" as File
 project(':grpc-rls').projectDir = "$rootDir/rls" as File
 project(':grpc-authz').projectDir = "$rootDir/authz" as File
+project(':grpc-gcp-csm-observability').projectDir = "$rootDir/gcp-csm-observability" as File
 project(':grpc-gcp-observability').projectDir = "$rootDir/gcp-observability" as File
 project(':grpc-gcp-observability:interop').projectDir = "$rootDir/gcp-observability/interop" as File
 project(':grpc-istio-interop-testing').projectDir = "$rootDir/istio-interop-testing" as File

settings.gradle

@@ -52,7 +52,7 @@ protected boolean isAvailable() {
 
   @Override
   protected int priority() {
-    return 5; // Default
+    return 10; // High priority
   }
 
   @Override

testing/src/main/java/io/grpc/internal/testing/FakeNameResolverProvider.java

@@ -0,0 +1,33 @@
+/*
+ * Copyright 2024 The gRPC Authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package io.grpc.xds;
+
+import io.grpc.Internal;
+import io.grpc.xds.client.XdsInitializationException;
+import java.io.IOException;
+
+/**
+ * Internal accessors for GrpcBootstrapperImpl.
+ */
+@Internal
+public final class InternalGrpcBootstrapperImpl {
+  private InternalGrpcBootstrapperImpl() {} // prevent instantiation
+
+  public static String getJsonContent() throws XdsInitializationException, IOException {
+    return new GrpcBootstrapperImpl().getJsonContent();
+  }
+}