extproc: implement ClientFilter and ClientFilterBuilder interface

[eshitachandwani]

This PR is part of implementing A93: xds-ext-proc

NOTE : This PR has some coinciding changes with #9073 , they can be reviewed in that PR. The list of coinciding files:

• optional.go
• optional_test.go
• extconfig.go

This PR adds the builder that implements the ClientFilter and ClientFilterBuilder interface. That includes creating the interceptor config from the base and the override config. It also includes making the ext_proc channel.

THis PR has a placeholder function for converting grpcService to ServerConfig proto. The function will be implemented later when implementing gRFC A102.

The interceptor struct has a resolver.ClientInterceptor embedded for now, but that will be removed in a later PR when we implement the resolver.ClientInterceptor interface. Since the filter will not be registered and no one is calling the resolver.ClientInterceptor function fro extproc filter , it will not panic.

#ext-proc-a93

RELEASE NOTES: None

[codecov]

Codecov Report

❌ Patch coverage is 64.19753% with 29 lines in your changes missing coverage. Please review.
✅ Project coverage is 83.01%. Comparing base (06fc26a) to head (76f6f0a).
⚠️ Report is 20 commits behind head on master.

Files with missing lines	Patch %	Lines
internal/xds/httpfilter/extconfig.go	0.00%	25 Missing ⚠️
internal/xds/httpfilter/extproc/ext_proc.go	86.20%	3 Missing and 1 partial ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #9086      +/-   ##
==========================================
+ Coverage   80.52%   83.01%   +2.49%     
==========================================
  Files         413      417       +4     
  Lines       33543    33563      +20     
==========================================
+ Hits        27012    27864     +852     
+ Misses       4316     4273      -43     
+ Partials     2215     1426     -789     

Files with missing lines	Coverage Δ
experimental/optional/optional.go	100.00% <100.00%> (ø)
internal/xds/httpfilter/extproc/config.go	100.00% <100.00%> (ø)
internal/xds/httpfilter/extproc/ext_proc.go	86.20% <86.20%> (ø)
internal/xds/httpfilter/extconfig.go	0.00% <0.00%> (ø)

... and 45 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[eshitachandwani]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces the Envoy external processing filter, providing configuration parsing logic and the infrastructure to build a client interceptor. Feedback addresses a critical uninitialized function variable that would cause a panic during filter construction and suggests a performance optimization for slice allocation when converting string matchers.

[eshitachandwani]

As per offline discussion , changed override config to use the new optional type and changed the functions and tests accordingly.

[eshitachandwani]

/gemini review

[gemini-code-assist]

Code Review

This pull request introduces a generic Option[T] type for optional values and establishes the foundational configuration and builder logic for the xDS external processing (extproc) HTTP filter. Feedback highlights critical concerns regarding resource management, specifically the creation of unmanaged grpc.ClientConn instances that could lead to leaks and performance issues. Additionally, the interceptor struct currently embeds an uninitialized interface, which would result in a nil pointer dereference panic if invoked.

[gemini-code-assist]

The current implementation creates a new grpc.ClientConn to the external processing server on every call to BuildClientInterceptor. This is problematic for several reasons:

1. Resource Leak: The iresolver.ClientInterceptor interface does not have a Close method, and the gRPC-Go xDS framework does not currently provide a mechanism to close interceptors when they are replaced (e.g., during a configuration update). This means every connection created here will leak until the application exits.
2. Performance: Creating a ClientConn is an expensive operation that involves starting name resolution and connection management goroutines.
3. Redundancy: Multiple routes or clusters using the same external processing server will each create their own connection instead of sharing one.

The clientFilter should instead manage a cache of ClientConn instances (e.g., a map[string]*grpc.ClientConn keyed by the server configuration) and reuse them. These connections should then be closed in the clientFilter.Close() method.

[eshitachandwani]

Channel retention is in discussion and will be done later.

[gemini-code-assist]

The interceptor struct embeds the resolver.ClientInterceptor interface but does not initialize it. Since this is an interface, any attempt by the gRPC framework to call its methods (such as NewStream) on the returned interceptor will result in a nil pointer dereference panic.

While the PR description notes that this will be addressed in a later PR, it is highly recommended to provide a placeholder implementation of the interface methods that returns an error (e.g., using status.Error(codes.Unimplemented, ...)), or at least add a prominent TODO or comment in the code to warn that this struct is currently in a broken state if used.

[eshitachandwani]

The next PR will do this.

[easwars]

@eshitachandwani
There is a whole lot of overlap with 9073, in which I had a bunch of comments. So, moving this back to you until the former is merged.