istio
diff --git a/‎go.mod‎
Lines changed: 4 additions & 4 deletions b/‎go.mod‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎go.sum‎
Lines changed: 20 additions & 0 deletions b/‎go.sum‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎source/extensions/common/workload_discovery/BUILD‎
Lines changed: 5 additions & 1 deletion b/‎source/extensions/common/workload_discovery/BUILD‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎source/extensions/common/workload_discovery/api.cc‎
Lines changed: 196 additions & 41 deletions b/‎source/extensions/common/workload_discovery/api.cc‎
Lines changed: 196 additions & 41 deletions
@@ -8,22 +8,22 @@ require (
 	cloud.google.com/go/trace v1.4.0
 	github.com/cncf/xds/go v0.0.0-20221128185840-c261a164b73d
 	github.com/d4l3k/messagediff v1.2.2-0.20180726183240-b9e99b2f9263
-	github.com/envoyproxy/go-control-plane v0.10.3-0.20221213161420-c99aac2a2f43
+	github.com/envoyproxy/go-control-plane v0.11.0
 	github.com/golang/protobuf v1.5.2
 	github.com/google/go-cmp v0.5.9
 	github.com/prometheus/client_model v0.3.0
 	github.com/prometheus/common v0.38.0
 	google.golang.org/genproto v0.0.0-20221207170731-23e4bf6bdc37
-	google.golang.org/grpc v1.51.0
+	google.golang.org/grpc v1.52.0
 	google.golang.org/protobuf v1.28.1
 	gopkg.in/yaml.v2 v2.4.0
 	sigs.k8s.io/yaml v1.3.0
 )
 
 require (
 	cloud.google.com/go/longrunning v0.3.0 // indirect
-	github.com/census-instrumentation/opencensus-proto v0.3.0 // indirect
-	github.com/envoyproxy/protoc-gen-validate v0.6.7 // indirect
+	github.com/census-instrumentation/opencensus-proto v0.4.1 // indirect
+	github.com/envoyproxy/protoc-gen-validate v0.9.1 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.2 // indirect
 	github.com/stretchr/testify v1.8.1 // indirect
 	golang.org/x/net v0.7.0 // indirect
 
@@ -46,6 +46,8 @@ github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kd
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/census-instrumentation/opencensus-proto v0.3.0 h1:t/LhUZLVitR1Ow2YOnduCsavhwFUklBMoGVYUCqmCqk=
 github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
+github.com/census-instrumentation/opencensus-proto v0.4.1 h1:iKLQ0xPNFxR/2hzXZMrBo8f1j86j5WHzznCCQxV/b8g=
+github.com/census-instrumentation/opencensus-proto v0.4.1/go.mod h1:4T9NM4+4Vw91VeyqjLS6ao50K5bOcLKN6Q42XnYaRYw=
 github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc=
 github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI=
@@ -75,9 +77,13 @@ github.com/envoyproxy/go-control-plane v0.9.9-0.20210512163311-63b5d3c536b0/go.m
 github.com/envoyproxy/go-control-plane v0.9.10-0.20210907150352-cf90f659a021/go.mod h1:AFq3mo9L8Lqqiid3OhADV3RfLJnjiw63cSpi+fDTRC0=
 github.com/envoyproxy/go-control-plane v0.10.3-0.20221213161420-c99aac2a2f43 h1:PtquDI1L8Ak/ALyHzCoyrJ9SI556KvFO/jfFX3Qh8M8=
 github.com/envoyproxy/go-control-plane v0.10.3-0.20221213161420-c99aac2a2f43/go.mod h1:ufpOdMVWU+v42FYQiIBUhSWglFcK3S1Ml8bbzLwkdcE=
+github.com/envoyproxy/go-control-plane v0.11.0 h1:jtLewhRR2vMRNnq2ZZUoCjUlgut+Y0+sDDWPOfwOi1o=
+github.com/envoyproxy/go-control-plane v0.11.0/go.mod h1:VnHyVMpzcLvCFt9yUz1UnCwHLhwx1WguiVDV7pTG/tI=
 github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 github.com/envoyproxy/protoc-gen-validate v0.6.7 h1:qcZcULcd/abmQg6dwigimCNEyi4gg31M/xaciQlDml8=
 github.com/envoyproxy/protoc-gen-validate v0.6.7/go.mod h1:dyJXwwfPK2VSqiB9Klm1J6romD608Ba7Hij42vrOBCo=
+github.com/envoyproxy/protoc-gen-validate v0.9.1 h1:PS7VIOgmSVhWUEeZwTe7z7zouA22Cr590PzXKbZHOVY=
+github.com/envoyproxy/protoc-gen-validate v0.9.1/go.mod h1:OKNgG7TCp5pF4d6XftA0++PMirau2/yoOwVac3AbF2w=
 github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
@@ -261,6 +267,10 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b
 golang.org/x/net v0.0.0-20210813160813-60bc85c4be6d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
 golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
 golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.0.0-20221014081412-f15817d10f9b h1:tvrvnPFcdzp294diPnrdZZZ8XUt2Tyj7svb7X52iDuU=
+golang.org/x/net v0.0.0-20221014081412-f15817d10f9b/go.mod h1:YDH+HFinaLZZlnHAfSS6ZXJJ9M9t4Dl22yv3iI2vPwk=
+golang.org/x/net v0.4.0 h1:Q5QPcMlvfxFTAPV0+07Xz/MpK9NTXu2VDUuy0FeMfaU=
+golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -308,6 +318,10 @@ golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBc
 golang.org/x/sys v0.0.0-20210816183151-1e6c022a8912/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
 golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10 h1:WIoqL4EROvwiPdUtaip4VcDdpZ4kha7wBWZrbVKCIZg=
+golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ=
+golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -319,6 +333,10 @@ golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
 golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
+golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM=
+golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -442,6 +460,8 @@ google.golang.org/grpc v1.42.0/go.mod h1:k+4IHHFw41K8+bbowsex27ge2rCb65oeWqe4jJ5
 google.golang.org/grpc v1.45.0/go.mod h1:lN7owxKUQEqMfSyQikvvk5tf/6zMPsrK+ONuO11+0rQ=
 google.golang.org/grpc v1.51.0 h1:E1eGv1FTqoLIdnBCZufiSHgKjlqG6fKFf6pPWtMTh8U=
 google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsAIPww=
+google.golang.org/grpc v1.52.0 h1:kd48UiU7EHsV4rnLyOJRuP/Il/UHE7gdDAQ+SZI7nZk=
+google.golang.org/grpc v1.52.0/go.mod h1:pu6fVzoFb+NBYNAvQL08ic+lvB2IojljRYuun5vorUY=
 google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
 google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
 google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
 
@@ -37,6 +37,7 @@ envoy_cc_extension(
         "@envoy//envoy/server:bootstrap_extension_config_interface",
         "@envoy//envoy/server:factory_context_interface",
         "@envoy//envoy/singleton:manager_interface",
+        "@envoy//envoy/stats:stats_macros",
         "@envoy//envoy/thread_local:thread_local_interface",
         "@envoy//source/common/common:non_copyable",
         "@envoy//source/common/config:subscription_base_interface",
@@ -47,7 +48,10 @@ envoy_cc_extension(
 
 envoy_proto_library(
     name = "discovery",
-    srcs = ["discovery.proto"],
+    srcs = [
+        "discovery.proto",
+        "extension.proto",
+    ],
     deps = [
         "@envoy_api//envoy/config/core/v3:pkg",
     ],
 
@@ -16,68 +16,223 @@
 
 #include "envoy/registry/registry.h"
 #include "envoy/server/bootstrap_extension_config.h"
+#include "envoy/server/factory_context.h"
+#include "envoy/singleton/manager.h"
+#include "envoy/thread_local/thread_local.h"
+#include "source/common/common/non_copyable.h"
+#include "source/common/config/subscription_base.h"
+#include "source/common/grpc/common.h"
+#include "source/common/init/target_impl.h"
+#include "source/extensions/common/workload_discovery/discovery.pb.h"
+#include "source/extensions/common/workload_discovery/discovery.pb.validate.h"
+#include "source/extensions/common/workload_discovery/extension.pb.h"
+#include "source/extensions/common/workload_discovery/extension.pb.validate.h"
 
 namespace Envoy::Extensions::Common::WorkloadDiscovery {
 
+namespace {
+Istio::Common::WorkloadMetadataObject convert(const istio::workload::Workload& workload) {
+  auto workload_type = Istio::Common::WorkloadType::Deployment;
+  switch (workload.workload_type()) {
+  case istio::workload::WorkloadType::CRONJOB:
+    workload_type = Istio::Common::WorkloadType::CronJob;
+    break;
+  case istio::workload::WorkloadType::JOB:
+    workload_type = Istio::Common::WorkloadType::Job;
+    break;
+  case istio::workload::WorkloadType::POD:
+    workload_type = Istio::Common::WorkloadType::Pod;
+    break;
+  default:
+    break;
+  }
+  return Istio::Common::WorkloadMetadataObject(
+      workload.name(), /* cluster_name */ "", workload.namespace_(), workload.workload_name(),
+      workload.canonical_name(), workload.canonical_revision(), /* app_name */ "",
+      /* app_version */ "", workload_type);
+}
+} // namespace
+
+class WorkloadMetadataProviderImpl : public WorkloadMetadataProvider, public Singleton::Instance {
+public:
+  WorkloadMetadataProviderImpl(const envoy::config::core::v3::ConfigSource& config_source,
+                               Server::Configuration::ServerFactoryContext& factory_context)
+      : config_source_(config_source), factory_context_(factory_context),
+        tls_(factory_context.threadLocal()),
+        scope_(factory_context.scope().createScope("workload_discovery")),
+        stats_(generateStats(*scope_)), subscription_(*this) {
+    tls_.set([](Event::Dispatcher&) { return std::make_shared<ThreadLocalProvider>(); });
+    // This is safe because the ADS mux is started in the cluster manager constructor prior to this
+    // call.
+    subscription_.start();
+  }
+
+  std::optional<Istio::Common::WorkloadMetadataObject>
+  GetMetadata(const Network::Address::InstanceConstSharedPtr& address) override {
+    if (address && address->ip()) {
+      if (const auto ipv4 = address->ip()->ipv4(); ipv4) {
+        uint32_t value = ipv4->address();
+        std::array<uint8_t, 4> output;
+        absl::little_endian::Store32(&output, value);
+        return tls_->get(std::string(output.begin(), output.end()));
+      } else if (const auto ipv6 = address->ip()->ipv6(); ipv6) {
+        const uint64_t high = absl::Uint128High64(ipv6->address());
+        const uint64_t low = absl::Uint128Low64(ipv6->address());
+        std::array<uint8_t, 16> output;
+        absl::little_endian::Store64(&output, high);
+        absl::little_endian::Store64(&output[8], low);
+        return tls_->get(std::string(output.begin(), output.end()));
+      }
+    }
+    return {};
+  }
+
+private:
+  using AddressIndex = absl::flat_hash_map<std::string, Istio::Common::WorkloadMetadataObject>;
+  using AddressIndexSharedPtr = std::shared_ptr<AddressIndex>;
+  using AddressVector = std::vector<std::string>;
+  using AddressVectorSharedPtr = std::shared_ptr<AddressVector>;
+
+  struct ThreadLocalProvider : public ThreadLocal::ThreadLocalObject {
+    void reset(const AddressIndexSharedPtr& index) { address_index_ = *index; }
+    void update(const AddressIndexSharedPtr& added, const AddressVectorSharedPtr& removed) {
+      for (const auto& [address, workload] : *added) {
+        address_index_.emplace(address, workload);
+      }
+      for (const auto& address : *removed) {
+        address_index_.erase(address);
+      }
+    }
+    size_t total() const { return address_index_.size(); }
+    // Returns by-value since the flat map does not provide pointer stability.
+    std::optional<Istio::Common::WorkloadMetadataObject> get(const std::string& address) {
+      const auto it = address_index_.find(address);
+      if (it != address_index_.end()) {
+        return it->second;
+      }
+      return {};
+    }
+    AddressIndex address_index_;
+  };
+  class WorkloadSubscription : Config::SubscriptionBase<istio::workload::Workload> {
+  public:
+    WorkloadSubscription(WorkloadMetadataProviderImpl& parent)
+        : Config::SubscriptionBase<istio::workload::Workload>(
+              parent.factory_context_.messageValidationVisitor(), "address"),
+          parent_(parent) {
+      subscription_ = parent.factory_context_.clusterManager()
+                          .subscriptionFactory()
+                          .subscriptionFromConfigSource(
+                              parent.config_source_, Grpc::Common::typeUrl(getResourceName()),
+                              *parent.scope_, *this, resource_decoder_, {});
+    }
+    void start() { subscription_->start({}); }
+
+  private:
+    // Config::SubscriptionCallbacks
+    void onConfigUpdate(const std::vector<Config::DecodedResourceRef>& resources,
+                        const std::string&) override {
+      AddressIndexSharedPtr index = std::make_shared<AddressIndex>();
+      for (const auto& resource : resources) {
+        const auto& workload =
+            dynamic_cast<const istio::workload::Workload&>(resource.get().resource());
+        index->emplace(workload.address(), convert(workload));
+      }
+      parent_.reset(index);
+    }
+    void onConfigUpdate(const std::vector<Config::DecodedResourceRef>& added_resources,
+                        const Protobuf::RepeatedPtrField<std::string>& removed_resources,
+                        const std::string&) override {
+      AddressIndexSharedPtr added = std::make_shared<AddressIndex>();
+      for (const auto& resource : added_resources) {
+        const auto& workload =
+            dynamic_cast<const istio::workload::Workload&>(resource.get().resource());
+        added->emplace(workload.address(), convert(workload));
+      }
+      AddressVectorSharedPtr removed = std::make_shared<AddressVector>();
+      removed->reserve(removed_resources.size());
+      for (const auto& resource : removed_resources) {
+        removed->push_back(resource);
+      }
+      parent_.update(added, removed);
+    }
+    void onConfigUpdateFailed(Config::ConfigUpdateFailureReason, const EnvoyException*) override {
+      // Do nothing - feature is automatically disabled.
+      // TODO: Potential issue with the expiration of the metadata.
+    }
+    WorkloadMetadataProviderImpl& parent_;
+    Config::SubscriptionPtr subscription_;
+  };
+
+  void reset(AddressIndexSharedPtr index) {
+    tls_.runOnAllThreads([index](OptRef<ThreadLocalProvider> tls) { tls->reset(index); });
+    stats_.total_.set(tls_->total());
+  }
+
+  void update(AddressIndexSharedPtr added, AddressVectorSharedPtr removed) {
+    tls_.runOnAllThreads(
+        [added, removed](OptRef<ThreadLocalProvider> tls) { tls->update(added, removed); });
+    stats_.total_.set(tls_->total());
+  }
+
+  WorkloadDiscoveryStats generateStats(Stats::Scope& scope) {
+    return WorkloadDiscoveryStats{WORKLOAD_DISCOVERY_STATS(POOL_GAUGE(scope))};
+  }
+
+  const envoy::config::core::v3::ConfigSource config_source_;
+  Server::Configuration::ServerFactoryContext& factory_context_;
+  ThreadLocal::TypedSlot<ThreadLocalProvider> tls_;
+  Stats::ScopeSharedPtr scope_;
+  WorkloadDiscoveryStats stats_;
+  WorkloadSubscription subscription_;
+};
+
 SINGLETON_MANAGER_REGISTRATION(WorkloadMetadataProvider)
 
 class WorkloadDiscoveryExtension : public Server::BootstrapExtension {
- public:
-  WorkloadDiscoveryExtension(
-      Server::Configuration::ServerFactoryContext& factory_context,
-      const istio::workload_discovery::v1::BootstrapExtension& config)
+public:
+  WorkloadDiscoveryExtension(Server::Configuration::ServerFactoryContext& factory_context,
+                             const istio::workload::BootstrapExtension& config)
       : factory_context_(factory_context), config_(config) {}
 
   // Server::Configuration::BootstrapExtension
   void onServerInitialized() override {
-    provider_ =
-        factory_context_.singletonManager().getTyped<WorkloadMetadataProvider>(
-            SINGLETON_MANAGER_REGISTERED_NAME(WorkloadMetadataProvider), [&] {
-              return std::make_shared<WorkloadMetadataProvider>(
-                  config_.config_source(), factory_context_);
-            });
-    /* Example:
-    provider_->fetch("127.0.0.1", [](const WorkloadRecordSharedPtr& record) {
-      std::cout << "1: " << (record->metadata_.has_value() ?
-    record->metadata_->baggage() : "(none)")
-                << std::endl;
-    });
-    provider_->fetch("127.0.0.2", [](const WorkloadRecordSharedPtr& record) {
-      std::cout << "2: " << (record->metadata_.has_value() ?
-    record->metadata_->baggage() : "(none)")
-                << std::endl;
-    });
-    */
+    provider_ = factory_context_.singletonManager().getTyped<WorkloadMetadataProvider>(
+        SINGLETON_MANAGER_REGISTERED_NAME(WorkloadMetadataProvider), [&] {
+          return std::make_shared<WorkloadMetadataProviderImpl>(config_.config_source(),
+                                                                factory_context_);
+        });
   }
 
- private:
+private:
   Server::Configuration::ServerFactoryContext& factory_context_;
-  const istio::workload_discovery::v1::BootstrapExtension config_;
+  const istio::workload::BootstrapExtension config_;
   WorkloadMetadataProviderSharedPtr provider_;
 };
 
-class WorkloadDiscoveryFactory
-    : public Server::Configuration::BootstrapExtensionFactory {
- public:
+class WorkloadDiscoveryFactory : public Server::Configuration::BootstrapExtensionFactory {
+public:
   // Server::Configuration::BootstrapExtensionFactory
-  Server::BootstrapExtensionPtr createBootstrapExtension(
-      const Protobuf::Message& config,
-      Server::Configuration::ServerFactoryContext& context) override {
-    const auto& message = MessageUtil::downcastAndValidate<
-        const istio::workload_discovery::v1::BootstrapExtension&>(
-        config, context.messageValidationVisitor());
+  Server::BootstrapExtensionPtr
+  createBootstrapExtension(const Protobuf::Message& config,
+                           Server::Configuration::ServerFactoryContext& context) override {
+    const auto& message =
+        MessageUtil::downcastAndValidate<const istio::workload::BootstrapExtension&>(
+            config, context.messageValidationVisitor());
     return std::make_unique<WorkloadDiscoveryExtension>(context, message);
   }
   ProtobufTypes::MessagePtr createEmptyConfigProto() override {
-    return std::make_unique<
-        istio::workload_discovery::v1::BootstrapExtension>();
+    return std::make_unique<istio::workload::BootstrapExtension>();
   }
-  std::string name() const override {
-    return "envoy.bootstrap.workload_discovery";
-  };
+  std::string name() const override { return "envoy.bootstrap.workload_discovery"; };
 };
 
-REGISTER_FACTORY(WorkloadDiscoveryFactory,
-                 Server::Configuration::BootstrapExtensionFactory);
+REGISTER_FACTORY(WorkloadDiscoveryFactory, Server::Configuration::BootstrapExtensionFactory);
+
+WorkloadMetadataProviderSharedPtr
+GetProvider(Server::Configuration::ServerFactoryContext& context) {
+  return context.singletonManager().getTyped<WorkloadMetadataProvider>(
+      SINGLETON_MANAGER_REGISTERED_NAME(WorkloadMetadataProvider));
+}
 
-}  // namespace Envoy::Extensions::Common::WorkloadDiscovery
+} // namespace Envoy::Extensions::Common::WorkloadDiscovery