internal/resolver: add target URI parsing with resolver validation

[HueCodes]

Fixes #8747

Add resolver validation to ParseTarget in grpcutil. The function
parses a gRPC target URI string and verifies that a resolver is
registered for the parsed scheme.

Revert clientconn.go to url.Parse since it uses cc.getResolver()
for custom dial-option resolvers. Remove the redundant resolver.Get
check from rls/config.go.

RELEASE NOTES: n/a

[codecov]

Codecov Report

❌ Patch coverage is 94.11765% with 1 line in your changes missing coverage. Please review.
✅ Project coverage is 83.05%. Comparing base (2abe1f0) to head (89ed8d1).
⚠️ Report is 66 commits behind head on master.

Files with missing lines	Patch %	Lines
balancer/rls/config.go	50.00%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #8876      +/-   ##
==========================================
- Coverage   83.17%   83.05%   -0.12%     
==========================================
  Files         414      412       -2     
  Lines       32751    32950     +199     
==========================================
+ Hits        27241    27367     +126     
- Misses       4091     4185      +94     
+ Partials     1419     1398      -21     

Files with missing lines	Coverage Δ
clientconn.go	90.49% <100.00%> (-0.31%)	⬇️
internal/resolver/target.go	100.00% <100.00%> (ø)
balancer/rls/config.go	84.96% <50.00%> (-0.65%)	⬇️

... and 94 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[arjan-bal]

Hi @HueCodes, thanks for picking up this issue.

To ensure we have a reusable API, we should update existing call sites to use the new implementation. Specifically:

1. ClientConn:
   

   grpc-go/clientconn.go

   Lines 1802 to 1827 in b7b1cce

   	parsedTarget, err := parseTarget(cc.target)
   	if err == nil {
   	rb = cc.getResolver(parsedTarget.URL.Scheme)
   	if rb != nil {
   	cc.parsedTarget = parsedTarget
   	cc.resolverBuilder = rb
   	return nil
   	}
   	}
   	// We are here because the user's dial target did not contain a scheme or
   	// specified an unregistered scheme. We should fallback to the default
   	// scheme, except when a custom dialer is specified in which case, we should
   	// always use passthrough scheme. For either case, we need to respect any overridden
   	// global defaults set by the user.
   	defScheme := cc.dopts.defaultScheme
   	if internal.UserSetDefaultScheme {
   	defScheme = resolver.GetDefaultScheme()
   	}
   	canonicalTarget := defScheme + ":///" + cc.target
   	parsedTarget, err = parseTarget(canonicalTarget)
   	if err != nil {
   	return err
   	}

2. Route Lookup Service:
   

   grpc-go/balancer/rls/config.go

   Lines 198 to 205 in b7b1cce

   	parsedTarget, err := url.Parse(lookupService)
   	if err != nil {
   	// url.Parse() fails if scheme is missing. Retry with default scheme.
   	parsedTarget, err = url.Parse(resolver.GetDefaultScheme() + ":///" + lookupService)
   	if err != nil {
   	return nil, fmt.Errorf("rls: invalid target URI in lookup_service %s", lookupService)
   	}
   	}

Both of these locations share common behavior:

1. If parsing fails, they attempt to append the default scheme and re-parse.
2. They return a url.URL object.

To handle this, the new function would need to accept a default scheme param and return a url.Url as the result. I think we should design the API to handle these two operations internally. This would allow us to refactor the existing code to call the new API as well. @easwars, what do you think?

[HueCodes]

Thanks for the response! I will work on fixing this today when I am off work.

[easwars]

Agree with the comments by @arjan-bal.

Another place where we would have to use the new API is here:

grpc-go/internal/xds/bootstrap/bootstrap.go

Line 399 in b7b1cce

if sc.serverURI == "" {

Currently, that code only verifies that the server_uri is not empty. But we need to ensure that it is a valid URI. I think this will cause a whole bunch of unit tests to fail because we simply pass a non-empty string for this value in a lot of tests. So, this could also be done as a follow-up if it ends up touching too many test files. Thanks.

[HueCodes]

Thanks for taking the time to review this. I appreciate it. I addressed the issues:

• Added ParseTarget function that accepts a default scheme parameter and returns *url.URL
• Updated clientconn.go and balancer/rls/config.go to use the new function
• Left xds/bootstrap for a follow-up as suggested, since it may touch many test files

Let me know if there are any other changes you would like me to make.

[arjan-bal]

In addition to the scheme, I think we should also validate the host and the path (via Target.Endpoint()) since they're the most important components for gRPC. I've left a separate comment about returning a resolver.Target instead of a URL.

[arjan-bal]

I didn't realize that adding the function here would make the ParseTarget public. The issue explicitly mentions that the API should be internal. Can you please move the function to the internal/resolver package?

grpc-go/internal/resolver/config_selector.go

Lines 19 to 20 in c1a9239

	// Package resolver provides internal resolver-related functionality.
	package resolver

Apologies for the back and forth.

[HueCodes]

Thank you for taking the time to review my code. I am learning a ton as this is very helpful. I should be done tonight and will push the changes then.

[arjan-bal]

Almost looks good, some minor comments.

[arjan-bal]

Can we move the computation of the default scheme higher up and pass the default scheme to the first call to iresolver.ParseTarget? That should allow us to get rid of the second ParseTarget below.

[arjan-bal]

style: Could you replace spaces with underscores (_) in the subtest names? The Go test harness automatically rewrites spaces, which makes it difficult to search the logs or run specific subtests via the test filter (-run flag) when debugging.

[arjan-bal]

I believe this check isn't present in the current implementation. Is there a strong reason to add this? If no, I would suggest maintaining the existing behaviour.

[HueCodes]

No strong reason, I removed it.

[arjan-bal]

Special handling for opaque URLs like this isn't present in the existing code. I assume this is required because the two places where the target is parsed behave differently:

1. In clientconn.go, if the URL is parsed successfully but the builder for the requested scheme is not found, the default scheme is prepended, and the target is re-parsed.
2. In rls/config.go, if the URL is parsed successfully but the builder for the requested scheme is not found, an error is returned directly. The default scheme is only used when either URL parsing fails, or it succeeds but the scheme is empty.

If we pass localhost:8080 to the RLS server parsing logic, it will parse it as an opaque URL, look for a resolver for localhost and fail. I suspect that RLS config parsing should be consistent across all gRPC implementations, as it comes from an xDS management server whereas gRPC channel target parsing differs slightly across them.

@easwars, can you comment on whether it makes sense to unify these two usages? If so, what is the expected behavior?

[easwars]

As per the RLS design doc, the lookup_service field must be set and non-empty and must parse as a target URI. This to me means that it should follow the same set of rules that we use for a regular grpc target URI.

[easwars]

It seems weird to me that our existing implementation in the clientconn uses the default scheme when the target URI parses successfully, but the scheme is not found in the resolver registry. It looks like some kind of backwards compatible behavior that we had which probably made sense when our default scheme was passthrough. Now, the default scheme is dns with grpc.NewClient. I think we might have to revisit some of this, unfortunately.