Relates to linkerd/linkerd2#3984

Add a `/live` endpoint to the admin server which always returns a 200 success.  This can be used for liveness checking.

Signed-off-by: Alex Leong <[email protected]>

Our docker builds do not permit caching of dependencies or intermediate
build artifacts. However, Docker's new (experimental) buildkit features
add this functionality. I've been using this configuration locally for
some time, and it seems generaly useful enough to promote (especially
since this Dockerfile is only intended for development).

This change also untroduces the `PROXY_FEATURES` build-arg so that the
Dockerfile can be used to support profiling builds.

Furthermore, the `update-rust-versions.sh` script has been updated to
check versions and be more permissive about how it replaces versions in
the Dockerfile.

The docker CI build has been disabled until GitHub Actions has support
for this Dockerfile format.

If we run make in a cross-compile environment where the strip binary we
want to use is something else than strip, it is useful to have a STRIP
variable in the Makefile. If STRIP is not set, the default value is the
common strip.

Signed-off-by: Joakim Roubert <[email protected]>

A recent [Twitter thread][mudge] suggested that tools like
[`checksec`][checksec] be used to validate release binaries. Checksec
reports whether modern security features like stack canaries are
employed. Proxy builds appear to do pretty well out-of-the-box.

This change introduces a checksec.sh wrapper that is used by the
Makefile during packaging. A new _package_ github action is introduced
to provide `checksec` and `jq` dependencies at runtime. (Note: the
version of checksec provided by debian does not include JSON output, so
it is instead fetched directly from GitHub).

During an automated release, the generated checksec is compared to an
expected set of values and, if a regression is detected, the release
will fail.

[mudge]: https://twitter.com/dotMudge/status/1249359519471341569
[checksec]: https://github.com/slimm609/checksec.sh

When the proxy receives connections on ports on which protocol
detection is not disabled, it holds the connection until the client has
sent some data. This means that clients that send no data can consume
proxy resources indefinitely and that the proxy provides no feedback to
the application that it cannot handle the connection.

This change uses the configured dispatch timeout to limit the amount of time
a connection can wait for data to detect its protocol.

This is accomplished by modifying the `Accept` trait so that its response type
is a `Future` that is provided once protocol detection, etc have been completed.

Fixes linkerd/linkerd2#4069

Fetch the raw script, not the HTML.

During testing, we set a hardcoded release version, but this was not
undone.

This fixes the release action by restoring the tag-derived version
string.

Also, modify update-rust-version.sh to operate on all Dockerfiles in the
repo.

The retryable HTTP responses that were not retries are only those with the skipped: no_budget label. Actual retries that occured fall under this metric category.

Signed-off-by: Naseem <[email protected]>

The destination controller may set a per-endpoint `override_authority`
field that sets a new `Host`/`:authority` value to be used on the
outbound request.

This change introduces an `override_authority` middleware that uses
this metadata to modify outbound requests when an override is set.

When gRPC implementations encounter an underlying transport error, they
surface the error via an `UNAVAILABLE` gRPC status code. Linkerd breaks this
behavior by converting these errors to stream resets, which instead appear as
an `UNKNOWN` error to applications.

This change modifies the proxy's error handling logic to set the the correct gRPC
status code when a stream fails with a hyper error, which should work more
seamlessly with gRPC error handling. This status is only set when the request's
content-type indicates the stream is sending gRPC messages.

In #493, we opted to handle all hyper errors as `UNAVAILABLE` for gRPC
messages.

This change modifies the signature of `http_status` & `set_grpc_status`
so that we can unwrap arbitrary inner errors via `Error::source`. This
reduces some unnecessary special-casing and allows us to more-narrowly
target IO errors.

Signed-off-by: Eliza Weisman <[email protected]>

Signed-off-by: Eliza Weisman <[email protected]>